Posted in Exploits Penetration Testing Web Application

ATutor 2.2.4 ‘language_import’ Arbitrary File Upload / RCE (CVE-2019-12169)

This proof of concept is demonstrating a vulnerability in ‘/mods/_core/languages/language_import.php’ that can be used to get remote code execution. The code can be modified to…

Continue Reading?